Only one of the four has been arrested so far

Mar 15, 2017 20:02 GMT

The US Department of Justice confirms that it has filed charges against two Russian spies and two criminal hackers for the 2014 Yahoo hack that exposed 500 million user accounts. 

The announcement was made at a news conference in Washington following rumors about the indictment from earlier today. This is the first time the United States government has criminally charged Russian officials for a cyber attack.

The officers of the FSB, which is Russia's Federal Security Service, a successor of the KGB, were identified as Dmitry Dokuchaev and his superior, Igor Sushchin. They are both currently in Russia and chances are they won't ever see trial in the United States because there is no extradition treaty between the two countries.

Dokuchaev is one of the two FSB officers arrested alongside Kaspersky manager Ruslan Stoyanov back in December and accused of treason over alleged cooperation with the CIA via an American company.

One hacker was arrested

The other two people accused are Alexsey Belan, one of the most wanted cyber criminals in the world, and Karim Baratov, who was born in Kazakhstan but holds Canadian citizenship. Baratov was already arrested this past Tuesday, and his case is pending with local authorities since his arrest took place on Canadian territory.

Belan was actually arrested in Europe back in 2013, but managed to escape to Russia before he could be extradited to the United States, the Justice Department said.

"The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI's point of contact in Moscow on cyber crime matters, is beyond the pale," said Acting Assistant Attorney General Mary McCord.

A mixed campaign

The US officials say that the entire hacking campaign was planned by the FSB to collect intelligence, but the two hackers used the trove of data to line their pockets.

They did this by forging cookies that told Yahoo's servers to allow them access to large numbers of email accounts without even needing the proper credentials. According to the indictment, the hackers wrote authentication cookies for use on their own computers, but also pushed these fake cookies to individual users they wanted to target.

The team monitored over 6,500 accounts with this technique, the Department of Justice said.

In September 2016, Yahoo revealed that it had suffered a data breach back in 2014. It said that it suspected "state-backed actors" to be behind the issue, and it seems that its suspicions were true. The company revealed that 500 million accounts were affected by the breach.

In December 2016, the company came forward once more and said that in 2013 it had been the victim of another data breach, this time involving 1 billion accounts.